Information-flow control mechanisms are difficult to design and labor intensive to prove correct. To reduce the time wasted on proof attempts doomed to fail due to broken definitions, we advocate modern random testing techniques for finding counterexamples during the design process. We show how to use QuickCheck, a property-based random-testing tool, to guide the design of a simple information-flow abstract machine. We find that both sophisticated strategies for generating well-distributed random programs and readily falsifiable formulations of noninterference properties are critically important. We propose several approaches and evaluate their effectiveness on a collection of injected bugs of varying subtlety. We also present an effective technique for shrinking large counterexamples to minimal, easily comprehensible ones. Taken together, our best methods enable us to quickly and automatically generate simple counterexamples for all these bugs.

Create a reference in different formats (copy and paste)

BibTeX

@conference{Hritcu2013,
  author    = {Hritcu, Catalin and Hughes, John and Pierce, Benjamin C. and Spector-Zabusky, Antal and Vytiniotis, Dimitrios and Azevedo de Amorim, Arthur and Lampropoulos, Leonidas},
  title     = {Testing noninterference, quickly},
  booktitle = {2013 18th ACM SIGPLAN International Conference on Functional Programming, ICFP 2013, Boston, United States, 25-27 September 2013},
  isbn      = {978-1-4503-2326-0},
  pages     = {455-468},
  abstract  = {Information-flow control mechanisms are difficult to design and labor intensive to prove correct. To reduce the time wasted on proof attempts doomed to fail due to broken definitions, we advocate modern random testing techniques for finding counterexamples during the design process. We show how to use QuickCheck, a property-based random-testing tool, to guide the design of a simple information-flow abstract machine. We find that both sophisticated strategies for generating well-distributed random programs and readily falsifiable formulations of noninterference properties are critically important. We propose several approaches and evaluate their effectiveness on a collection of injected bugs of varying subtlety. We also present an effective technique for shrinking large counterexamples to minimal, easily comprehensible ones. Taken together, our best methods enable us to quickly and automatically generate simple counterexamples for all these bugs.},
  year      = {2013},
}

RefWorks

RT Conference Proceedings
SR Electronic
ID 186075
A1 Hritcu, Catalin
A1 Hughes, John
A1 Pierce, Benjamin C.
A1 Spector-Zabusky, Antal
A1 Vytiniotis, Dimitrios
A1 Azevedo de Amorim, Arthur
A1 Lampropoulos, Leonidas
T1 Testing noninterference, quickly
YR 2013
T2 2013 18th ACM SIGPLAN International Conference on Functional Programming, ICFP 2013, Boston, United States, 25-27 September 2013
SN 978-1-4503-2326-0
SP 455
OP 468
AB Information-flow control mechanisms are difficult to design and labor intensive to prove correct. To reduce the time wasted on proof attempts doomed to fail due to broken definitions, we advocate modern random testing techniques for finding counterexamples during the design process. We show how to use QuickCheck, a property-based random-testing tool, to guide the design of a simple information-flow abstract machine. We find that both sophisticated strategies for generating well-distributed random programs and readily falsifiable formulations of noninterference properties are critically important. We propose several approaches and evaluate their effectiveness on a collection of injected bugs of varying subtlety. We also present an effective technique for shrinking large counterexamples to minimal, easily comprehensible ones. Taken together, our best methods enable us to quickly and automatically generate simple counterexamples for all these bugs.
LA eng
DO 10.1145/2500365.2500574
LK http://dx.doi.org/10.1145/2500365.2500574
LK http://publications.lib.chalmers.se/records/fulltext/186075/local_186075.pdf
OL 30